Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unified communications manager - vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2022-20786
A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote malicious user to conduct SQL injection attacks on an affected system. This vulnerability is ...
Cisco Unified Communications Manager Im And Presence Service
8.1
CVSSv3
CVE-2021-1363
Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote malicious user to conduct SQL injection attacks on an affected system. These vulnerabilities are due to improp...
Cisco Unified Communications Manager Im And Presence Service
8.1
CVSSv3
CVE-2021-1365
Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote malicious user to conduct SQL injection attacks on an affected system. These vulnerabilities are due to improp...
Cisco Unified Communications Manager Im And Presence Service
8.1
CVSSv3
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or...
Apache Struts
3 EDB exploits
45 Github repositories
3 Articles
8.1
CVSSv3
CVE-2017-9805
The REST Plugin in Apache Struts 2.1.1 up to and including 2.3.x prior to 2.3.34 and 2.5.x prior to 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
Apache Struts 2.3.1.1
Apache Struts 2.5.9
Apache Struts 2.2.3.1
Apache Struts 2.3.28
Apache Struts 2.3.15
Apache Struts 2.5.2
Apache Struts 2.3.14
Apache Struts 2.3.32
Apache Struts 2.2.1
Apache Struts 2.3.16
Apache Struts 2.5.10
Apache Struts 2.3.24.1
Apache Struts 2.5.6
Apache Struts 2.1.8.1
Apache Struts 2.3.3
Apache Struts 2.3.16.3
Apache Struts 2.3.4
Apache Struts 2.1.3
Apache Struts 2.1.2
Apache Struts 2.1.5
Apache Struts 2.3.24.3
Apache Struts 2.3.15.2
1 EDB exploit
20 Github repositories
3 Articles
7.8
CVSSv3
CVE-2021-3156
Sudo prior to 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Sudo Project Sudo 1.9.5
Sudo Project Sudo
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Oncommand Unified Manager Core Package -
Mcafee Web Gateway 8.2.17
Mcafee Web Gateway 9.2.8
Mcafee Web Gateway 10.0.4
Synology Diskstation Manager 6.2
Synology Diskstation Manager Unified Controller 3.0
Synology Skynas Firmware -
Synology Vs960hd Firmware -
Beyondtrust Privilege Management For Mac
Beyondtrust Privilege Management For Unix/linux
Oracle Micros Compact Workstation 3 Firmware 310
Oracle Micros Es400 Firmware
Oracle Micros Kitchen Display System Firmware 210
Oracle Micros Workstation 5a Firmware 5a
143 Github repositories
1 Article
7.8
CVSSv3
CVE-2019-1911
A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM) Software could allow an authenticated, local malicious user to escape the restricted shell. The vulnerability is due to insufficient input validation of shell commands. An attacker could...
Cisco Hosted Collaboration Solution
7.8
CVSSv3
CVE-2016-5195
Race condition in mm/gup.c in the Linux kernel 2.x up to and including 4.x prior to 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka ...
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Tus 6.5
Redhat Enterprise Linux Eus 6.7
Redhat Enterprise Linux Long Life 5.6
Redhat Enterprise Linux Aus 6.4
Redhat Enterprise Linux 5
Redhat Enterprise Linux Long Life 5.9
Redhat Enterprise Linux Aus 6.2
Redhat Enterprise Linux Eus 7.1
Redhat Enterprise Linux Eus 6.6
Redhat Enterprise Linux Aus 6.5
Debian Debian Linux 8.0
Debian Debian Linux 7.0
5 EDB exploits
183 Github repositories
6 Articles
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
7.5
CVSSv3
CVE-2023-20259
A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote malicious user to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. This AP...
Cisco Unity Connection 14su3
Cisco Emergency Responder 14su3
Cisco Unified Communications Manager 14su3
Cisco Unified Communications Manager Im & Presence Service 14su3
Cisco Unified Communications Manager Im & Presence Service 12.5(1)su7
Cisco Unified Communications Manager 12.5(1)su7
Cisco Prime Collaboration Deployment 14su3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »